The discipline of information technology governance derives from corporate governance and deals primarily with the connection between business focus and IT management of an organization. It highlights the importance of IT related matters in contemporary organizations and states that strategic IT decisions should be owned by the corporate board, rather than by the CIO or other IT managers.

The primary goals for information technology governance are to:

1. Assure that the investments in IT generate business value, and
   
   
2. Mitigate the risks that are associated with IT. This can be done by implementing an organizational structure with well-defined roles for the responsibility of information, business processes, applications, infrastructure etc..

Decision rights are a key concern of IT governance, being the primary topic of the book by that name by Weill and Ross. According to Weill and Ross, depending on the size, business scope, and IT maturity of an organization, either centralized, decentralized or federated models of responsibility for dealing with strategic IT matters are suggested. In this view, the well defined control of IT is the key to success.

Attr. ISACA COBIT 5.0
COBIT 5.0 now being developed is an effective measure to ensure implementation of comprehensive IT Governance. It integrates the measures of COBIT 4.1- the VALIT framework and ITIL V3.

To achieve effective IT governance, business managers must work with service managers to ensure that IT is aligned with business needs and services are reliable, resilient and responsive to change. Together, COBIT and ITIL provide guidance to help the service manager identify the key steps and who is responsible for them so there are no gaps.

COBIT is an IT governance framework that focuses on what should be addressed to ensure good governance of all IT-related processes, including those related to Service Management. It provides structured guidance and tools for implementing the IT processes required to satisfy business needs. By using COBIT, an enterprise can ensure that its Service Management efforts are aligned with its overall business, governance and internal control requirements. ITIL complements COBIT by providing the how—how to plan, design and implement effective Service Management capabilities.

Together, COBIT and ITIL provide a top-to-bottom approach to IT governance and Service Management. COBIT guides management’s priorities and objectives with a holistic and complete approach to a full range of IT activities, focusing all stakeholders (business and IT management, auditors, and IT professionals) on an integrated and common approach. ITIL supports this with good practices for Service Management.

When combined, the power of both approaches is amplified, with a greater likelihood of management support and direction, and a more cost-effective use of resources. Used together, COBIT and ITIL provide an effective way to understand business priorities and requirements, and then use this knowledge to drive a focus on IT services. This approach allows management to better understand the significance of IT services and how they support the business, and also enables operational IT managers to better understand the impact that services have on business processes. The result is more highly effective business cases for service improvements.